Async post-guards

If every applicable output policy for a tenant is in shadow or async mode (i.e. nothing can block or rewrite the response), DeepintShield runs the post-LLM evaluation off the critical path — the user gets the response immediately, and findings still land in the audit store via the persistence queue.

Default behavior

On. Auto-detected per tenant; no opt-in needed.

# Plugin config:
{ "async_post_guards_when_no_sync": true }

# Or env var:
DEEPINTSHIELD_GUARD_ASYNC_POST_GUARDS=true

When this kicks in

The optimization fires when both conditions hold for the request:

1. The tenant’s hydrated bundle has zero output-scope policies in sync mode (every policy is shadow or async).
2. The request itself doesn’t carry any sync-mode policies via VK overrides or governance attachments.

If either check fails, the regular sync post-evaluation runs (response is held until the verdict is in).

What stays the same

• Audit trail — every finding still lands in the evidence store. The trace, decision, and findings records are written from the background worker, not from the request path.
• Shadow/async finding semantics — already non-enforcing under the execution-modes contract; this optimization just doesn’t waste the user’s latency on them.
• Sync findings — never affected. If any sync policy exists, evaluation runs inline as before.

Use shadow mode for new policies

The simplest way to benefit from this optimization: roll new policies out in shadow mode first. You get findings in the audit log without any user-path latency. Promote to sync once you’re confident in the signal.

How to verify it’s active

Response headers reveal the mode that ran:

x-deepintshield-guardrail-status: pass
x-deepintshield-guardrail-mode: async

Or mode: shadow for shadow-only, or mode: sync for sync-only.